package xin.marcher.module.rights.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import xin.marcher.module.common.core.JsonResult;
import xin.marcher.module.rights.api.UserApi;
import xin.marcher.module.rights.domain.request.ModifyPasswordRequest;
import xin.marcher.module.rights.domain.request.QueryUserRequest;
import xin.marcher.module.rights.domain.request.RemoveUserRequest;
import xin.marcher.module.rights.domain.request.UserRequest;

/**
 *
 */
@RestController
@RequestMapping("/rights/user")
public class UserController {

    @Autowired
    private UserApi userApi;

    /**
     * 添加用户
     */
    @PreAuthorize("@rights.check('saveUser')")
    @PostMapping("/saveUser")
    public JsonResult saveUser(UserRequest request) {
        return userApi.saveUser(request);
    }

    /**
     * 删除用户
     */
    @PreAuthorize("@rights.check('removeUser')")
    @PostMapping("/removeUser")
    public JsonResult removeUser(RemoveUserRequest request) {
        return userApi.removeUser(request);
    }

    /**
     * 查询用户列表
     */
    @PreAuthorize("@rights.check('queryUser')")
    @PostMapping("/queryUser")
    public JsonResult queryUser(QueryUserRequest request) {
        return userApi.queryUser(request);
    }

    /**
     * 修改密码
     */
    @PreAuthorize("@rights.check('modifyPassword', #token)")
    @PostMapping("/modifyPassword")
    public JsonResult modifyPassword(String token, @RequestBody ModifyPasswordRequest request) {
        request.setToken(token);
        return userApi.modifyPassword(request);
    }

}
